Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=kimbeesweets.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 21, 2025
Valid Until
January 19, 2026
67 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A2:9F:62:32:55:72:5D:9A:02:30:CE:19:7E:22:68:FD:AB:F4:AE:C4:C3:40:E0:6F:77:15:CF:48:9C:2A:D7:F5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.warriorcore4.com
9animeapp.store
acadya.com.mx
adcorda.com
alenayeray.online
apexta.biz
choir.armenian.ca
badoca-co.com
pay-sandbox.billmybank.com
sejagat.biz.id
bluekeeppatch.com
handbook.bosphorusiss.com
event.brian-poole.com
staging.prokon.bwplatform.app
bytewatergroup.com
c911.me
casconstructiongroup.com
www.casualrankings.com
catchthinkdo.com
chickentracker.app
peopleconference.ynet.co.il
coraidi.com
www.app.effiway.com
eliasmadriz.com
fincreate.cloud
fitmymeal.ca
tv.fomo-tv.com
www.fourseasonsvape.com
gamevidya.com
geniusintech.com.br
www.gifttable.co
auth.givver.io
global1support.com
hangmansgauntlet.app
www.happy-camper.ca
happyheartmalden.com
www.haushammerer.at
imcamantalya.com
fxbshoreview.impactwrap.com
beyond.impakt.nl
www.jamesgilbertcarpentry.co.uk
apply-admin.judicialappointments.digital
site-dock.kaizenplatform.net
cms.kaleamarket.com
kimbeesweets.com
sk.kuramaturita.eu
www.laboratoriodentalsalva.com
www.lesrelaiscartegrise.fr
letspause.co
mega.linkpoliba.it
lucifine.fr
www.app.machineworks.io
enviosdesa.madelan.com.ar
turnersports.madhive.com
schoolarc.masci.cz
matthieumontaille.fr
www.metafori.co
personal.midas-financials.com
beta.mikmak.tv
mqamash.com
dashboard-yinthway.myancare.org
www.nirfeinste.in
www.nirshyam.com
noteboat.info
www.oatridgeclassactionsettlement.com
comunicacao-develop.libcom.org.br
mobileapp.ozios.com
pacmanvps.com
rdgrenalfm.pampa.com.br
biz.panforyou.jp
auth.photon.education
pioneermeetings.com
ppix.me
streetbangkokcanal.order.pulp.eu
www.qnips.com
quack.sbs
thiruvallur.rainbowsdroptaxi.com
www.realbzpro.com
ruf.us
www.samani.ai
savlalaminates.com
www.shenobutter.com
get.simplesuccess.com
smart-resto.app
somoudalufaq.com
sparestwowheeler.com
qr.tapx.digital
app.staging.tara.ai
www.travelwebway.com
tripfolio.app
twisen.io
www.unicorndreamshk.com
valley-electronics.ch
votum-group.com
waafisoft.ca
links.wazaa.app
dashboard.wizishop.com
yuruslugi-nsk.ru
zejtunindiegames.com
zentwi.app
Other domains in certificate